Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2020:2067-1

Опубликовано: 29 июл. 2020
Источник: suse-cvrf

Описание

Security update for ldb

This update for ldb fixes the following issues:

  • CVE-2020-10730: Fixed a null de-reference in AD DC LDAP server when ASQ and VLV combined (bsc#1173159).

Список пакетов

Image SLES15-SP1-Azure-BYOS
libldb1-1.4.6-3.5.2
Image SLES15-SP1-Azure-HPC-BYOS
libldb1-1.4.6-3.5.2
Image SLES15-SP1-CAP-Deployment-BYOS-EC2-HVM
libldb1-1.4.6-3.5.2
Image SLES15-SP1-CAP-Deployment-BYOS-GCE
libldb1-1.4.6-3.5.2
Image SLES15-SP1-CHOST-BYOS-Azure
libldb1-1.4.6-3.5.2
Image SLES15-SP1-CHOST-BYOS-EC2
libldb1-1.4.6-3.5.2
Image SLES15-SP1-CHOST-BYOS-GCE
libldb1-1.4.6-3.5.2
Image SLES15-SP1-EC2-HPC-HVM-BYOS
libldb1-1.4.6-3.5.2
Image SLES15-SP1-EC2-HVM-BYOS
libldb1-1.4.6-3.5.2
Image SLES15-SP1-GCE-BYOS
libldb1-1.4.6-3.5.2
Image SLES15-SP1-Manager-4-0-Azure-BYOS-Proxy
libldb1-1.4.6-3.5.2
Image SLES15-SP1-Manager-4-0-Azure-BYOS-Server
libldb1-1.4.6-3.5.2
Image SLES15-SP1-Manager-4-0-EC2-HVM-BYOS-Proxy
libldb1-1.4.6-3.5.2
Image SLES15-SP1-Manager-4-0-EC2-HVM-BYOS-Server
libldb1-1.4.6-3.5.2
Image SLES15-SP1-Manager-4-0-GCE-BYOS-Proxy
libldb1-1.4.6-3.5.2
Image SLES15-SP1-Manager-4-0-GCE-BYOS-Server
libldb1-1.4.6-3.5.2
Image SLES15-SP1-OCI-BYOS
libldb1-1.4.6-3.5.2
Image SLES15-SP1-SAP-Azure
libldb1-1.4.6-3.5.2
Image SLES15-SP1-SAP-Azure-BYOS
libldb1-1.4.6-3.5.2
Image SLES15-SP1-SAP-Azure-LI-BYOS-Production
libldb1-1.4.6-3.5.2
Image SLES15-SP1-SAP-Azure-VLI-BYOS-Production
libldb1-1.4.6-3.5.2
Image SLES15-SP1-SAP-EC2-HVM
libldb1-1.4.6-3.5.2
Image SLES15-SP1-SAP-EC2-HVM-BYOS
libldb1-1.4.6-3.5.2
Image SLES15-SP1-SAP-GCE
libldb1-1.4.6-3.5.2
Image SLES15-SP1-SAP-GCE-BYOS
libldb1-1.4.6-3.5.2
Image SLES15-SP1-SAP-OCI-BYOS
libldb1-1.4.6-3.5.2
Image SLES15-SP1-SAPCAL-Azure
libldb1-1.4.6-3.5.2
libldb1-32bit-1.4.6-3.5.2
Image SLES15-SP1-SAPCAL-EC2-HVM
libldb1-1.4.6-3.5.2
libldb1-32bit-1.4.6-3.5.2
Image SLES15-SP1-SAPCAL-GCE
libldb1-1.4.6-3.5.2
libldb1-32bit-1.4.6-3.5.2
SUSE Linux Enterprise Module for Basesystem 15 SP1
ldb-tools-1.4.6-3.5.2
libldb-devel-1.4.6-3.5.2
libldb1-1.4.6-3.5.2
libldb1-32bit-1.4.6-3.5.2
python3-ldb-1.4.6-3.5.2
python3-ldb-devel-1.4.6-3.5.2
SUSE Linux Enterprise Module for Python 2 15 SP1
python-ldb-1.4.6-3.5.2
python-ldb-devel-1.4.6-3.5.2

Ссылки

Описание

A NULL pointer dereference, or possible use-after-free flaw was found in Samba AD LDAP server in versions before 4.10.17, before 4.11.11 and before 4.12.4. Although some versions of Samba shipped with Red Hat Enterprise Linux do not support Samba in AD mode, the affected code is shipped with the libldb package. This flaw allows an authenticated user to possibly trigger a use-after-free or NULL pointer dereference. The highest threat from this vulnerability is to system availability.

Затронутые продукты
Image SLES15-SP1-Azure-BYOS:libldb1-1.4.6-3.5.2
Image SLES15-SP1-Azure-HPC-BYOS:libldb1-1.4.6-3.5.2
Image SLES15-SP1-CAP-Deployment-BYOS-EC2-HVM:libldb1-1.4.6-3.5.2
Image SLES15-SP1-CAP-Deployment-BYOS-GCE:libldb1-1.4.6-3.5.2
Ссылки